about summary refs log tree commit diff
path: root/config/initializers
diff options
context:
space:
mode:
Diffstat (limited to 'config/initializers')
-rw-r--r--config/initializers/http_client_proxy.rb24
-rw-r--r--config/initializers/json_ld.rb5
-rw-r--r--config/initializers/oembed.rb4
-rw-r--r--config/initializers/rack_attack.rb4
4 files changed, 28 insertions, 9 deletions
diff --git a/config/initializers/http_client_proxy.rb b/config/initializers/http_client_proxy.rb
new file mode 100644
index 000000000..f5026d59e
--- /dev/null
+++ b/config/initializers/http_client_proxy.rb
@@ -0,0 +1,24 @@
+Rails.application.configure do
+  config.x.http_client_proxy = {}
+  if ENV['http_proxy'].present?
+    proxy = URI.parse(ENV['http_proxy'])
+    raise "Unsupported proxy type: #{proxy.scheme}" unless %w(http https).include? proxy.scheme
+    raise "No proxy host" unless proxy.host
+
+    host = proxy.host
+    host = host[1...-1] if host[0] == '[' #for IPv6 address
+    config.x.http_client_proxy[:proxy] = { proxy_address: host, proxy_port: proxy.port, proxy_username: proxy.user, proxy_password: proxy.password }.compact
+  end
+
+  config.x.access_to_hidden_service = ENV['ALLOW_ACCESS_TO_HIDDEN_SERVICE'] == 'true'
+  config.x.hidden_service_via_transparent_proxy = ENV['HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY'] == 'true'
+end
+
+module Goldfinger
+  def self.finger(uri, opts = {})
+    to_hidden = /\.(onion|i2p)(:\d+)?$/.match(uri)
+    raise Mastodon::HostValidationError, 'Instance does not support hidden service connections' if !Rails.configuration.x.access_to_hidden_service && to_hidden
+    opts = opts.merge(Rails.configuration.x.http_client_proxy).merge(ssl: !to_hidden)
+    Goldfinger::Client.new(uri, opts).finger
+  end
+end
diff --git a/config/initializers/json_ld.rb b/config/initializers/json_ld.rb
deleted file mode 100644
index 2ddc7352d..000000000
--- a/config/initializers/json_ld.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../../lib/json_ld/identity'
-require_relative '../../lib/json_ld/security'
-require_relative '../../lib/json_ld/activitystreams'
diff --git a/config/initializers/oembed.rb b/config/initializers/oembed.rb
deleted file mode 100644
index 208e586cb..000000000
--- a/config/initializers/oembed.rb
+++ /dev/null
@@ -1,4 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../../app/lib/provider_discovery'
-OEmbed::Providers.register_fallback(ProviderDiscovery)
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
index b35452f04..0ca0a7e7f 100644
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -53,6 +53,10 @@ class Rack::Attack
     req.ip if req.api_request?
   end
 
+  throttle('throttle_media', limit: 30, period: 30.minutes) do |req|
+    req.authenticated_user_id if req.post? && req.path.start_with?('/api/v1/media')
+  end
+
   throttle('protected_paths', limit: 25, period: 5.minutes) do |req|
     req.ip if req.post? && req.path =~ PROTECTED_PATHS_REGEX
   end
generated by cgit-pink (git 2.37.1) at 2024-07-01 16:15:05 +0000